What is Tabjacking and How Does It Work?
Tabjacking is a new form of malware that can enter your PC through vulnerabilities in your Web browser that allow hackers to insert malicious code into the tabs of your Web browser. The code is capable of hijacking the tab to a new Web page and inserting advertising pop-ups, worms, trojans, or other malware into your PC.
How Tabjacking Works
Mozilla Firefox made a browser that allows you to surf the Internet and switch to the pages you have chosen to view through the use of browser tabs. Not long after, Internet Explorer introduced a new version that has the same capabilities as Mozilla Firefox. The tabs allow you to open more Web pages within a single browser window and are designed to make your browser easier to use.
Although the tabs make surfing the Web a lot easier, they also introduce a new weakness where hackers can insert malicious code. When you open the tab the codes are run to hijack the tab to a Web page that the hacker wants you to view. The pages usually contain advertisements and may even contain additional adware that is inserted into your PC.
Tabjackers are also capable of inserting viruses and other malicious files into your PC that include spyware and keyloggers, as well as displaying phishing websites that encourage you to enter personal information that invites identity theft.
Once your PC has been tabjacked the problem will persist even if you try to reboot your PC's operating system, and the malware will reinsert itself without your consent every time you open your browser. The concept of tabjacking has been introduced as a result of the new browser design that allows you to view more than one Web page in your browser window. Hackers use tabjacking to exploit browser vulnerabilities on computers that are not running updates to antivirus software or are running on older operating systems.
How to Protect Your PC Against Tabjacking
While this form of malware is still in the phases of being studied, you can protect your PC against tabjacking by keeping your operating system and Web browser updated with all of the latest security patches and running a current antivirus protection program on your PC. Also, make sure your antivirus program contains an anti-adware and antispyware application and is capable of automatically scanning for the latest virus updates. You can also use a reputable registry cleaner on a periodic basis to remove any unwanted or malicious files that may have made their way to your PC's registry.